Experience with Fireplug's Linux Edge Router ?

Experience with Fireplug's Linux Edge Router ?

Post by a » Tue, 29 Dec 1998 04:00:00



Has anyone tried the Linux Edge Router ( http://edge.fireplug.net/ ) ?
It sounds like a custom version of the Linux Router Project to firewall
a small network from the the internet accessed by DHCP cable or ADSL. It
looks simple to use and it does exactly what I want.
My questions to any users of the above are:
1) Is it simple to use?
2)Is a 486/25 Linux edge Router computer with 12 megs of ram adequate to
firewall one pentium Windows computer  with a 4 Mbps down / 640kbps up
ADSL connection?
3) Will it hurt my 30ms Quake 2 ping times :-)?
Thanks in advance for any info.

PS: I tried to subscribe to the Fireplug  mailing lists but it didn't
seem to work. Off to try again.

 
 
 

Experience with Fireplug's Linux Edge Router ?

Post by Greg Wee » Wed, 30 Dec 1998 04:00:00




Quote:> Has anyone tried the Linux Edge Router ( http://edge.fireplug.net/ ) ?
> It sounds like a custom version of the Linux Router Project to firewall
> a small network from the the internet accessed by DHCP cable or ADSL. It
> looks simple to use and it does exactly what I want.
> My questions to any users of the above are:
> 1) Is it simple to use?
> 2)Is a 486/25 Linux edge Router computer with 12 megs of ram adequate to
> firewall one pentium Windows computer  with a 4 Mbps down / 640kbps up
> ADSL connection?

Yes. I use a 486/33 with 16 to do a 640K/272K connection. I used a
386/40 with 8 before that. The biggest performence change I saw was in
logins. I rolled my own router software from a slackware 3.4
distribution.

Quote:> 3) Will it hurt my 30ms Quake 2 ping times :-)?
> Thanks in advance for any info.

Yes. I don't know how much though.

Quote:> PS: I tried to subscribe to the Fireplug  mailing lists but it didn't
> seem to work. Off to try again.

Greg Weeks
--
http://durendal.tzo.com/greg/

 
 
 

Experience with Fireplug's Linux Edge Router ?

Post by Stuart Lyn » Fri, 01 Jan 1999 04:00:00






>> Has anyone tried the Linux Edge Router ( http://edge.fireplug.net/ ) ?
>> It sounds like a custom version of the Linux Router Project to firewall
>> a small network from the the internet accessed by DHCP cable or ADSL. It
>> looks simple to use and it does exactly what I want.
>> My questions to any users of the above are:
>> 1) Is it simple to use?

Could be simpler. We're working on it...

Quote:>> 2)Is a 486/25 Linux edge Router computer with 12 megs of ram adequate to
>> firewall one pentium Windows computer  with a 4 Mbps down / 640kbps up
>> ADSL connection?

Maybe. Try for 16mb of RAM.

Quote:>Yes. I use a 486/33 with 16 to do a 640K/272K connection. I used a
>386/40 with 8 before that. The biggest performence change I saw was in
>logins. I rolled my own router software from a slackware 3.4
>distribution.

>> 3) Will it hurt my 30ms Quake 2 ping times :-)?
>> Thanks in advance for any info.

Shouldn't add more than a few ms..

--

PGP Fingerprint: 28 E2 A0 15 99 62 9A 00  88 EC A3 EE 2D 1C 15 68

 
 
 

1. Cable modem with Linux Router Project & Fireplug Edge Router - help with wierd ports!


router running on the Edge router floppy.  Normal traffic goes through
just fine (http, smtp, ftp, etc).  The problem comes in with games and
the default behavior of this friewall/router solution.  It is geared
towards security and defaults to deny everything and then let in things
on an as specified basis.  I would like this to be reversed - accept
everything in both directions and allow me to lock down individual ports
as needed.  This is how my previous Cisco 766 ISDN router worked (using
PAT - little brother to full-blown NAT - same function essentially; lets
multiple machines hide behind one valid IP).  I had no problems with
BattleZone or Quake2 or any other games with the Cisco but this Linux
router just refuses to play BattleZone.  I can enter the Internet lobby,
connect to the server, see active games, click join game, see the
players in the game, pick a tank and then try to launch and whamo - it
bangs on the connect a while (longer than it should or ever has) and
evetually just sits there forcing me to ALT-TAB to the desktop and do a
CTRL-ALT-DEL to kill the BattleZone task as the game will never launch.
I have experimented with the userin.txt and portfw.txt files and have
issued some "ipchains" commands in an attempt to work around this.

The lines I have put into /etc/userin.txt (commented out all others):

tcp             -d PUBLICIP 00000:65535
udp             -d PUBLICIP 00000:65535
icmp            -d PUBLICIP 00000:65535
tcp             -s PUBLICIP 00000:65535
udp             -s PUBLICIP 00000:65535
icmp            -s PUBLICIP 00000:65535

The way I'm understanding this, this should open up all ports in the
range of 0-65535 for all protocols.  Does this look right?

I have also experimented with the ipchains command.  I noticed that an
"ipchains -L" command would list a lot of default behaviors apparently
setup to filter out "unwanted" traffic.  I used an "ipchains -F" to
flush all settings out completely and the issued:

ipchains -A forward -s 10.1.1.0/24 -j MASQ -b

This sets up a bi-directional rule that *should* allow all protocols to
go in both directions (be MASQ forwarded to original host) but it
doesn't seem to matter much.  In fact with nothing but that rule
established I can do normal tasks just fine (like the post I'm writing
right now is being done in this mode).  Anyone have an idea why this
rule would allow normal traffic but *still* not allow game traffic to
get back and forth?  Seeing as I already have security inside the LAN
(PDC) I am not very concerned with that and would rather have the thing
wide open to the net, and *then* lock down ports that are potentially
troublesome (like udp 138/139 used to be on Win boxes).  What am I doing
wrong???

2. Linux on IBM Thinkpad 365X

3. edge router can't see out

4. INFO on Programming projects requested

5. Help! Can't FTP behind Edge router...

6. Using Opera as browser for Kmail

7. Edge or Linux Router Projct + Server

8. IBM disc corrupts data when DMA is used

9. Z-Edge 64 router

10. Anyone experience or docs for using Linux as a router for apple-comps.

11. Can't expand the Linux X windows screen edge of monitor

12. Linux ISDN Router experience...

13. Linux doesn't make the cut for "bleeding-edge" users